5 Commits (439e547367fb9dcb4da2686edd795d06e1c459d8)

Author	SHA1	Message	Date
oabrivard	439e547367	Phase 4: LLM provider abstraction with Gemini, user API key encryption ... Backend: - LlmProvider async trait with generate_search_pass/generate_rewrite_pass - GeminiProvider: googleSearch grounding (pass 1), structured JSON output (pass 2) - AES-256-GCM encryption for user API keys at rest (per-key random nonces) - MasterKey with zeroize-on-drop (no Clone to prevent unzeroized copies) - User API key endpoints: list (prefix only), create/update, delete, test - Dynamic category schema builder for structured LLM output - Provider factory (Gemini implemented, OpenAI/Anthropic stubbed for Phase 6) - 37 new unit tests (encryption, schema, Gemini serialization, factory) - 17 integration tests (CRUD, encryption verification, ownership isolation) Frontend: - ApiKeyManager component: per-provider key management in Settings - Password input with show/hide toggle, key prefix display (monospace) - Test button validates key with minimal LLM call - Status badges (configured/not configured) - 11 new tests Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	3 months ago
oabrivard	22ff026a4c	Fix Phase 2 critical issues: SSRF IPv6 gaps, body text filtering, CSV validation ... - Fix body text extraction to actually filter excluded elements (script, nav, footer, aside, etc.) using node ID tracking instead of unused HashSet - Add IPv6 reserved range checks to SSRF prevention: ULA (fc00::/7), documentation (2001:db8::/32), discard prefix (100::/64) - Add errors field to frontend BulkImportResponse type - Validate Content-Type on CSV multipart upload (reject non-text files) - Add 6 new unit tests for the fixes Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>	3 months ago
oabrivard	2b75dc7049	Finished phase 2	3 months ago
oabrivard	a36e3732bf	Fixed critical problems from phase 1	3 months ago
oabrivard	355dbf6a5a	Finished phase 1	3 months ago